Sharepoint 2010 user's migration.

Hello everybody,
I've migrated my Sharepoint 2007 (Windows 2003 AD 1) to our new Sharepoint 2010 (Windows 2008 R2 AD 2) and I've found problems with the users (migrated them with ADMT 3.2 preserving SiD). They cannot connect in this new Sharepoint, probably because they are
still registered in Sharepoint as AD1\user and not AD2\user?
There's a way I can complete this migration without losing the old Sharepoint users security\permissions?
Thanks in advance,
Yuri.

Learn about the new user experience in SharePoint 2010 and how you can use the new UI in your customizations. This training module also discusses improvements in list handling, including list relationships and new form-rending options.

Learn how your applications can extend the ribbon interface, which is now integrated into the SharePoint 2010 user experience, to include new menu items and options both on a global level and based on the context of the user. (Length: 9:04)

SharePoint has opened the search UI so that you are now able to extend the out-of-the-box search Web parts. Search also provides many places for you to create custom code to produce a rich search experience for your users. (Length: 2:04)

I keep getting the following error "This User Profile Application's connection is currently not available. The Application Pool or User Profile Service may not have been started. Please contact your administrator.". As sugested by Travis at http://blogs.pointbridge.com/Blogs/nielsen_travis/pages/default.aspx I tried commenting the two security nodes, removing its' allowInsecureTransport attributes, and setting then False. As Lionel wrote in his comment I tried also modifying "Central Administration / Application Management / Configure service application associations / Application Proxy Group" of my share point web application. My application pool for User Profile Service Application seems working and User Profile Service status is Started.One thing I remember about my issue, first I tried creating User Profile Service Application I got some error message and tried creating User Profile Service Application again. It gave me some other exception and than I navigated somehow to the "Manage service applications" page and there the desired User Profile Service Application was magically on the list with status Started. I thought - that's great! But when I clicked the User Profile Service Application link I got the nasty red error I mentioned at the beginning. Any ideas?Regards,Dawid Ireno

Hi,
How to get user group in sharepoint designer within workflow?
Basically I have to compair that current user is belongs to particular group or not.
How can I get check user group in workflow's if condition?
G. Goyal

I have upgraded an SSP database to SharePoint 2010 and successfully performed User Profile Synchronization with Active Directory, however I cannot manage ALL of the user profiles in the database.
I go to "Manage User Profiles" in Central Administration and perform a filtered search (i.e. I want all DOMAIN accounts beginning with "j" so I search for "DOMAIN\j" in Manage User Profiles), but I don't receive ALL the user profiles back. I receive about
8 in return when I know there are about 20 starting with "j".
If I create a new AD account beginning with "j" it is successfully synched with SharePoint 2010 and I see it in the Manage User Profiles. I ran an stsadm -o sync to clear any old synchronization information, and the Forefront Synchronization Service
appeared to pull in many changes to existing accounts (including ones I can't currently manage), but I still cannot manage them using "Manage User Profiles".
I really need to be able to manage all the profiles so I can manually edit some fields. Can anyone please help? Thanks in advance.

Sorry for opening another post following this, but I think this case is quite concrete:
http://social.msdn.microsoft.com/Forums/en-US/sharepoint2010general/thread/2fa02093-630e-4131-bdc7-0b979067f601
When trying to configure in Sharepoint 2010 - User Profile Application, an additional sync source from BDC (as at least, one LDAP Profile is required).
The first approach was to create a straightforward SQL Connection with SP Designer, and it seemed everything ok, except I'm not able to setup synchronization of "Manager" property, which is great in order to see Silverlight Organization Explorer Webpart.
As I have read in the previous post, someone pointed to setup a BDC with Visual Studio 2010, so one attribute is of type: Microsoft.SharePoint.SPUser. It seamed very logical, and so I tried to do such task.
Once I have deployed correctly a BDC with this strong type (SPUser), the result is that I'm still unable to see any attribute when trying to synchronize Manager attribute.
In Sharepoint 2007 this was possible, but not able in SP 2010.
Any idea of how to do it? Just a bug?
I have one very dirty workaround: setup a Timer job to run after Sync, so I can setup this field by code. But, for doing this, I would not need to run Sync process with BDC anymore.
Evotec Consulting

I installed SharePoint 2010, created a site (complete with a document library), and assigned user permissions. Additionally, I set up certificate authentication for all users. Two problems occur:
1. As the system administrator, when I access the https site, I no longer have permissions to add/edit users
2. When user's, who have permissions to edit/add a document/folder click on "Add document" or the folder icon to add a new folder, they get an error.
Any help is much appreciated.

Hello,
I am relatively new to SharePoint, and was wondering how I can accomplish using only user certificates to authenticate (and eventually authorize) access to the SharePoint 2010 Server (not just IIS).
My Environment currently looks like this:
- SharePoint is SSL-enabled
- User Browser Certificates (generated using OpenSSL) successfully authenticate to the IIS Server
- SharePoint uses Basic Authentication (user/password based on AD credentials)
I need to:
- Authenticate the user to SharePoint using the User Certificate from my browser (in other words, no password authentication to access the SharePoint website, but use the certificate that was used by iis to be able to log into SharePoint)
I am assuming I must use some sort of claims-based authentication.
Ideally, I would like to use ONLY the certification itself as a source of Authorized Repository for authentication. However, I am also open to having the user certificate be linked to Active Directory users as well.
I have done some research on this but am still lost as to how to approach this problem. Is there anyone that has done this or can assist me in getting this to work?
Any help would be greatly appreciated.
Thanks!